Home

CVE-2015-0295

Description

The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.966

Associated Vulnerability

VulnerabilityOS Platform
Qt 4 libraries (USN-2626-1) libqtgui4_4.8.1-0ubuntu4.9_i386.debLinux
Qt 4 libraries (USN-2626-1) libqtgui4_4.8.1-0ubuntu4.9_amd64.debLinux
Qt 4 libraries (USN-2626-1) libqtgui4_4.8.5+git192-g085f851+dfsg-2ubuntu4.1_i386.debLinux
Qt 4 libraries (USN-2626-1) libqtgui4_4.8.5+git192-g085f851+dfsg-2ubuntu4.1_amd64.debLinux
Qt 4 libraries (USN-2626-1) libqtgui4_4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu6.1_i386.debLinux
Qt 4 libraries (USN-2626-1) libqtgui4_4.8.6+git64-g5dc8b2b+dfsg-3~ubuntu6.1_amd64.debLinux
Qt 4 libraries (USN-2626-1) libqt5gui5_5.4.1+dfsg-2ubuntu4.1_i386.debLinux
Qt 4 libraries (USN-2626-1) libqt5gui5_5.4.1+dfsg-2ubuntu4.1_amd64.debLinux
Qt 4 libraries (USN-2626-1) libqt5gui5_5.2.1+dfsg-1ubuntu14.3_i386.debLinux
Qt 4 libraries (USN-2626-1) libqt5gui5_5.2.1+dfsg-1ubuntu14.3_amd64.debLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libQtWebKit4-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libQtWebKit4-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-qt3support-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-qt3support-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-mysql-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-mysql-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-postgresql-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-postgresql-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-sqlite-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-sqlite-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-unixODBC-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-sql-unixODBC-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-x11-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Desktop 11 SP3 ) libqt4-x11-32bit-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:0977-1(SUSE Linux Enterprise Server 11 SP3 ) qt4-x11-tools-4.6.3-5.34.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5Core5-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5Core5-debuginfo-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5DBus5-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5DBus5-debuginfo-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5Gui5-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5Gui5-debuginfo-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5Widgets5-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libQt5Widgets5-debuginfo-5.3.1-4.4.2.x86_64.rpmLinux
SUSE-SU-2015:1383-1(SUSE Linux Enterprise Desktop 12 ) libqt5-qtbase-debugsource-5.3.1-4.4.2.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234